how do I create a certificate :

How do I create a certificate? Print

Created by: Linda Brown

Modified on: Sat, 30 Apr, 2022 at 7:21 AM

If your local client has already been configured, you can create a test certificate by running the step ca certificate command. Here is an example:

step ca certificate myservice myservice.crt myservice.key \\
 --san myservice.internal.mycompany.net \\
 --not-after 8h

In this command, we are asking the CA to create a certificate with the following properties

myservice - The certificate's subject

myservice.crt - Save the certificate in a file with this name

myservice.key - Save the key in a file with this name

--san myservice.internal.mycompany.net - Add an additional SAN to the certificate, with the specified value
--not-after 8h - Set the certificate to expire after 8 hours

When you run this command, smallstep will need to authenticate you, so it will make a call to the authority-admin provisioner and start a single sign-on flow via the Smallstep dashboard. After a successful sign-in, the authority will issue the certificate at the command line.

NOTE: If you have created additional provisioners you may see them appear during the “authentication” step. authority-admin is the only provisioner used to validate a user to smallstep. If instead, you want to create a certificate using a different provisioner, use the —provisioner parameter when making the certificate request.

Linda is the author of this solution article.

Did you find it helpful? Yes No

How do I create a certificate? Print

Related Articles